Welcome to AIX, bit of a different beast from Windows. http://www.auditunix.com/unix-security-tool/ this might help. Some of the best practices around securing Linux can also apply to AIX - root shouldn't have remote access, users should remote in with their IDs and use SUDO to execute elevated commands. don't use telnet if other more secure methods are supported. Here is a link to a Tenable post, it is older, but some of the plugins may still apply: http://www.tenable.com/blog/aix-best-pr ... its.&nbsp; You will probably require SSH access to the systems to adequately audit them. Oh and be careful when scanning these systems, they area bit more sensitive than Windows and some scanners will break them even if you are running with safe scans.

3xban wrote:Welcome to AIX, bit of a different beast from Windows. http://www.auditunix.com/unix-security-tool/ this might help. Some of the best practices around securing Linux can also apply to AIX - root shouldn't have remote access, users should remote in with their IDs and use SUDO to execute elevated commands. don't use telnet if other more secure methods are supported. Here is a link to a Tenable post, it is older, but some of the plugins may still apply: http://www.tenable.com/blog/aix-best-pr ... its.&nbsp; You will probably require SSH access to the systems to adequately audit them. Oh and be careful when scanning these systems, they area bit more sensitive than Windows and some scanners will break them even if you are running with safe scans.

Good luck!

Thanks 3xban , is John the Ripper still the best tool for password cracking of AIX, as it would be traditional *nix systems?